I believe they are fairly new. It is supposed to be crowd-sourcing pen testing. I'm not positive how it works for the Sys Admin but for pen testers you sign up, prove you have the skills and you can pen test for money. Kind of like bugcrowd.com.

Marius Corici is my name "I'm guilty as charge" for HackaServer project and for that I'll answer to you guys.

@jrdoty. We've started the project in 2011 (the idea) and get live on March 2012. For everybody works the same no matter if you are a sysadmin or a pentester. We didn't differentiate pentester from sysadmins as a anonymity measure in worst case scenario. We do encourage anonymity. Beside that, to build a server on our infrastructure, of course you'll need an account too.Indeed looks like bucrowd (they came out after us) but not quite. While they are a simply Bug Bounty Program as a Service, HackaServer it's a Bug Bounty Program as a Platform. That means we do offer IaaS to protect your real identity, your infrastructure and and your hardware and financial resources. You can read more about difference between BBP as a Service and BBP as a Platform on our blog. http://blog.hackaserver.com/bug-bounty-programs-part-2/

@Jamie.R +1 One small detail. You sign up as a Hackaserver user no matter if you want to find bugs on others or you want to build your setup to be tested.

@impelse Training Arena it's there as a sand box for sys admins in order to experience how it works. On Training Arena, everybody can experiment with deploy or pentests.

@Jamie.R Indeed most of the servers in Training Arena are without any configuration. However you can use Metasploitable and Wordpress servers to see how and what. They are fully prepared. In fact at this time in our infrastructure are 540 build servers and only ~40 deployed in Training Arena.

Any questions? Glad to answer.

Cheers,

Marius

Last edited by kerosen on Sun Apr 14, 2013 4:42 am, edited 1 time in total.